[MEDIUM] Cross-site scripting (XSS) vulnerability in the system log of the back end

PKSA-7xh8-fvvz-jkj9 CVE-2018-10125 GHSA-pj4j-287j-f742

Affected package: contao/core-bundle

Affected version: >=4.0.0,<4.4.18|>=4.5.0,<4.5.8

Reported by:
FriendsOfPHP/security-advisories, GitHub